HNNCast.2011.03.25

HNNCast for the third week of March, 2011
Top Stories
Under the Comodo, Recent Security Acquisition turns Incident, PHPwned, b107

News
j35t3r sets DoS Record, Smart-phone Security Sucks, DoS Flurry, Going Wayback with the Saltine

T00l T1m3
Updates: PacketFence, winAUTOPWN, SAMHAIN, JBROFuzz, Arachni, Fiddler, Burpsuite, Skipfish, Yara, THICKNET
Fresh: J-HAT/HPROF, GnackTrackR6, MOSCRACK, Creepy
Hardwarez: FUNcube
Note: MoonSols Utilities

Quickies
Celebrity Twits, Plans to Nix IE6, pwned and Poppin’, Vendor Insecurity List, SHA-3 Field Narrows to Five, Ghostmarket Guy Sentenced to Five, Student Snagged Changing Grades, InterWACK, Jumbo Hoax, Pr0n h4x0r Sentenced to Six Years, One H0t H4x0r Chick

Con Fu
Note: Tokyo Hacker-Space
CSW and PWN2OWN, OWASP AppSec USA CFP, Hack Lu CFP, Notacon, CCC 2011 is ON, Source Boston/BeaCon, Carolina Con, B-Sides World-Wide, the SF to DC19 Hack-Bus

Stack of Shame
count: 89 (+35)

Behind the Firewall – episode 013: CanSecWest 2011

CanSecWest is in it’s 12th year now.  It started with the small, highly technical computer security conference in Vancouver and has since expanded to include a PacSec in Asia and EUSecWest in Europe, a 3 day dojo of training preceeding the conference, and for the last 4 years an event which has eclipsed the con itself – pwn2own.

This year the talks were mostly focused on applications and bug hunting as might be expected along side the pwn2own competition.  As for pwn2own itself, some prizes were won and some not.  Charlie Miller took away an iPhone 4 this year via a mobile Safari exploit.  Stephen Fewer won a laptop by combining three different exploits to pwn IE8 on Windows 7-SP1.  The VUPEN team walked off with an iBook for popping OS X through Safari.  And Vincenzo Iozzo from Zynamics won big with the RIM’s BlackBerry Torch 9800.  Of course there ARE some odd rules and one of the favorites to take out some of the prizes left “standing” didn’t show.  It’s a jungle out there for Apple users but that shouldn’t leave Android, Chrome or Windows Phone 7 feeling invulnerable.  YOUR bugs will live a little longer.

HNN was there in Vancouver, BC for the action.  We hope you enjoy the sights and sounds of CanSecWest, 2011.

Behind the Firewall – episode 012: ShmooCon part II

Behind the Firewall – episode 011: ShmooCon part I

Space Rogue visits ShmooCon 2011 – part 1 brings us sights and sounds of ShmooCon 2011.

Death of the Shmoo Ball

ShmooCon BarCode Entries
Adam & Jeffball

Vendor Crawl
Interview with Harris Security
Karen

Interview with Security Snobs
Sam & Mitch

Interview with 0ld Sk00l HNN fan
Kevin

Music by 8bitpeoples
http://www.8bitpeoples.com/

HNNCast.2011.03.04

HNNCast for the first week of March, 2011
Top Stories
pwn2own a Week Away, Anonymous Ops Continue, Anonymous Fall-out Continues Too, It’s a Good Year NOT to be Greg Hoglund, Thanks OWASP

News
Androids Under Attack, Mac Malwares, Lion Seed, iTunes Struggle, It’s Unanimus – You’re Pwn3d

T00l T1m3
updates: Mobius, Wireshark, Nessus, Scapy, w3af, Armitage, FOCA, WATOBO, XSSer
Nessus in the Cloud, Naked Password

Quickies
Celebrity Twits, Turing Target Met, Wack-a-Quack, Underground Carder War, Weev Free, Every Browser can Tatanga, Cry Me a Digital River, Crippling Autorun, Team Kuwait Strikes Israeli Sites, Zynamics Acquired by Google

Con-Fu
DerbyCon Speakers, WOOT CFP, Source Coast-to-Coast, BruCon CFP, Notacon Not-acomodations, B-Sides Wrap-Up, Can Sec West NEXT WEEK!

Stack of Shame
The Stack of Slightly Less Shame
count: 92 (+38)

PROGRAMMING NOTE: NO HNNCast NEXT WEEK – WE WILL BE @CSW BUT WILL RELEASE SHMOOCON BEHIND THE FIREWALL SO TUNE IN!

Security B-Sides – Austin

Security B-Sides – Austin Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening.